Welcome - Sharing information with the community related to Microsoft SharePoint security, information protection and permissions. Topics will also cover identity federation, claims and software development. Articles will at times be technical and focussed at developers/architects. They will also be higher level and discuss concepts and customer use cases. Have a look around, share your thoughts and I do hope you find some helpful content.

Follow me on Twitter @AntonioMaio2

Monday, September 9, 2013

Protecting Your Social Media Accounts from Hacking

So, this post is not about SharePoint; but it is a computer security topic that is becoming increasingly important in our social media charged world: How to protect our many social media accounts from hackers.

I came across a great article in the Globe and Mail recently, that I wanted to share with people which presents 10 concrete steps to protect businesses from having their social media accounts hacked.

Social media accounts present hackers with another attack vector by which to compromise organizations. Often, due to social media still being quite new for many businesses, they lack corporate security policies around social media - policies like who can use those accounts, how are those accounts secured, what type of corporate information can be shared via social media, etc. Sometimes, due to the often informal nature of social media, individuals may feel that these accounts fall outside the realm of corporate information security. However, social media and their related accounts (Facebook, Twitter, Instagram, etc.) can often be easy inroads into a businesses' computer infrastructure for those that would either steal corporate intellectual property, or try to compromise computer security for other criminal purposes.

The article goes through 10 best practices which are very practical steps that I see many large enterprises adopting in my own work. Some of them are very common sense but quite critical to organizations protecting their information:

Provide employees with easy to follow guidelines

Define what's confidential

Some of the other steps discussed are slightly more nuanced but definitely important to include when developing a corporate security strategy:

Look at your employees differently

Be social but be smart

Don't link all your accounts

Overall, if you or your business engage in social media at all, I highly recommend giving this article a thorough read.

In the spirit of full disclosure, the article happens to be written by my wonderful wife Laura Maio (twitter: @LJMaio). :-)
- Antonio

No comments:

Post a Comment

About Me

Antonio Maio is an information security architect with over 25 years of experience in cyber security practices and systems, product management, software development and leadership. Antonio is currently a Senior Manager and Senior SharePoint Architect with Protiviti. He has been awarded a Microsoft Most Valuable Professional award for 5 consecutive years, from 2012 to 2016, specializing in Microsoft SharePoint Server, Office 365 and Office Services. His background includes implementing cryptography and PKI systems, information security technologies, and both information governance and cybersecurity best practices. His experience with Microsoft SharePoint and Office 365 extends over the last 10 years. When he’s not helping enterprise, military or government organizations solve security challenges, you can catch him speaking at conferences or contributing to the community through this blog. In his spare time, Antonio likes to oil paint, run, make wine, read and spend time with his family.